Secunia reported that Andy Staudacher has discovered a vulnerability in ADOdb that can potentially be exploited by malicious people to conduct SQL injection attacks. The vulnerability is related to binary strings and affects PostgreSQL 8 but not MySQL.

Input passed to certain parameters isn't properly sanitised before being used in a SQL query. This can potentially be exploited to manipulate SQL queries by injecting arbitrary SQL code.


The vulnerability has been reported in versions prior to 4.71 and affects only PostgreSQL users.

Solution:
http://sourceforge.net/project/showfiles.php?group_id=42718&package_id=34890